go-local-health
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs standard development tasks using well-known Go ecosystem tools.
- [COMMAND_EXECUTION]: The skill executes local commands such as
go test,golangci-lint,tparse,lazygotest, andgocovsh. These are standard tools for Go development. - [DATA_EXPOSURE]: The script reads local
go.modfiles and package structures to determine the scope of tests and linting. No sensitive data is accessed or transmitted externally. - [REMOTE_CODE_EXECUTION]: No remote code execution or automated downloads were detected. The skill explicitly instructs the agent to ask the user before installing any missing tools.
- [PROMPT_INJECTION]: No malicious prompt injection patterns were found. The instructions focus on tool usage and repository guardrails.
- [COMMAND_EXECUTION]: The provided bash script (
scripts/go-local-health) includes robust input validation for the--scopeparameter, checking for whitespace, newlines, and leading dashes to prevent argument injection.
Audit Metadata